<?php

require "../../utility.php";

function deleteBookFormDatabase(mysqli $conn, string $id): bool {
    $delete_str = "DELETE FROM Book WHERE ID = ?;";
    $delete_stmt = $conn->prepare($delete_str);
    $delete_stmt->bind_param("i", $id);
    return $delete_stmt->execute();
}

http_response_code(403);

if (check_keys($_GET, "id")) {
    $id = $_GET["id"];
    $conn = connect_mysql();
    // 检查权限
    $user_id = getUserIdBySessionId($conn);
    if ($user_id !== null && getUserPermissionByUserId($conn, $user_id) >= 1) {
        if (deleteBookFormDatabase($conn, $id)) {
            http_response_code(200);
        }
    }
    $conn->close();
}

?>